UNIT 5: WHAT IS CRYPTOGRAPHY? READING AND SPEAKING 1 1. Discuss the questions 1. Have you ever heard of the word “cryptography? If yes, what does it mean in your language? 2. What areas does cryptography relate? 3. In which areas is cryptography applied? 4. What goals does cryptography have? 2. Read the text and do the tasks below What is cryptography? Cau 2 The word “cryptography” is derived from the Greek words kryptos, meaning hidden, and.graphien, meaning to write. Historians believe Egyptian hieroglyphics, which began about 1900 B.C.E, to be an carly instance of encipherment. The key that unlocked the hieroglyphic secret was the Rosetta Stone, discovered in 1799 in lower Egypt and now located in the British Museum in London. Francois Champollion, using the Rosetta Stone, see Figure 5-1 deciphered the hicroglyphics in 1822. Although Egyptian codes are quite anecdotal, history includes many other cryptographic usages. Communication with secret codes was commonly required for diplomatic, during war, individual or corporate privacy. Figure 5-1 Rosetta Stone 110Cau 1.1Cryptography is the study of mathematical techniques related to aspects of Cau 3: Cau 5.4 information security such as confidentiality, data integrity, entity authentication, The unprocessed readable information is called plaintext or plain data. The process of making the information unreadable is called encryption or enciphering. [hG) Cau a ; ; : ; : ; 7 Cau 4: Cau 6: encrypt or decrypt information, an algorithm or so-called cipher is used. How a cryptographic algorithm works, is controlled by a secret key, sometimes called password or passphrase (on crypto machines, the key is the setting of the machine). The key is known only to those who are authorized to read the information. Without knowing the key, it should be impossible to reverse the encryption process, or the time to attempt to reverse the process should require take so much time that the information would become useless. ‘Cryptanalysis or crypto-analysis is the study and analysis of existing ciphers or encryption algorithms, (or Cryptanalysis is the process of obtaining the original message (called the plaintext) from an encrypted message (called the ciphertext) without knowing the algorithms and keys used to perform the encryption) in order tolassess their quality, to find weaknesses or to find a way to reverse the encryption process» without having-the key. Decryption without a key (often also without authorization) is a cryptanalytic attack, referred to as breaking or cracking a cipher. A cryptanalytic attack can exploit weaknesses in the algorithm or crypto device itself, exploit its implementation procedures, or try out all possible keys (a brute- force attack). In general, there are two types of attack: The ciphertext-only attack, where the cryptanalyst or attacker has access only to the ciphertext, and the known-plaintext attack, where the cryptanalyst has access to both ciphertext and its corresponding plaintext or assumed plaintext, to retrieve the corresponding key. Cryptology comprises both cryptography (making) and cryptanalysis (breaking) The expressions ‘code’, ‘encoding’ and ‘decoding’ are frequently used in cryptography, Code, however, is a simple replacement of information with other information, and doesn't use an algorithm, Generally, these are code books or tables that convert one value (letters, words or phrases) into another value (letter iCau 1.2 sequence, numerical value or special symbols). CyptOgRaphy;lotuhe Seber lata) uses an algorithm (often a combination of fractioning, transposition and Substitution) :to»manipulatesthe information, Although technically wrong, the expression ‘encoding’ is often used to indicate encryption or enciphering and one should therefore look at the context in which such expressions are used. Some use the terms cryptography and cryptology interchangeably in English, while others (including US military practice generally) use cryptography to refer specifically to the use and practice of cryptographic techniques and cryptology to . English is more refer to the combined study of cryptography and cryptanalys flexible than several other languages in which cryptology (done by cryptologists) is always used in the second sense above. In the English Wikipedia the general term used for the entire field is cryptography (done by cryptographers), The study of characteristics of languages which have some application in cryptography (or cryptology), ie., frequency data, letter combinations, universal patterns, etc., is called crypto linguistics. Cryptographic goals Four. There are confidentiality, data integrity, uthentication, . non-repudiation Cryptography is not the only means of providing information security, but rather ‘one set of techniques. Confidentiality is a service used to keep the content of information from all but those authorized to have it, Secrecy is a term synonymous with confidentiality and privacy. There are numerous approaches to providing confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible. Data integrity is a service which addresses the unauthorized alteration of data, To assure data integrity, one must have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as insertion, deletion, Authentication is a service related to identification, This function applies to both entities and information itself, (NW6' parties ‘entering into W Wommniunication SHould) Cau 8.2identify each other. Information delivered over a channel should be authenticated, 48) to origin, date of origin, data: content,-time sent, ete, For these reasons this aspect of cryptography is usually subdivided into two major classes: BAG Cau 8. 1GRHGRTERTOR anidd ata GH LAAMEAEAIOA! Data origin authentication implicitly provides data integrity (for if a message is modified, the source has changed).Non-repudiation is a service which prevents an entity from denying. previous commitments or actions, When disputes arise due to an entity denying that certain actions were taken, a means to resolve the situation is necessary. For example, one entity may authorize the purchase of property by another entity and later deny such authorization was granted. A procedure involving a trusted third party is needed to resolve the dispute. A fundamental goal of cryptography is to adequately address these four areas in both theory and practice. Cryptography is about the prevention and detection of cheating and other malicious activities. 21. ayes ox 1 v Answer the questions . What is cryptography? What is it used for? Where does cryptography derive from and what does it mean? What aspects of information security does cryptography relate? What is cryptanalysis? What is encryption? What is decryption? Why does cryptanalysis study and analyze existing ciphers or encryption algorithms? . How many goals does cryptography have? What are they? What major classes of authentication usually subdivided? Why is it subdivided so’? Decide whether the following statements are true (T), false (F) or no information (NI) . Cryptanalysis is the term used for the study of methods for obtaining the meaning of encrypted information without access to the key normally required to do so. A. Trile B. False C.NI . In cryptography, a cryptosystem is a suite of cryptographic algorithms needed to implement a particular security service, most commonly for achieving confidentiality. A. True B. False 1133. Encryption is the process of encoding information which converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. A. True B. False C.NI 4. There is no need to find any ways to solve the situation when the two parties have strong disputes. A. True B, False C.NI . The term “code” and “cryptography” are the same and they are w changeable. A. True B. False C.NI 2.3. Choose the best answer to complete the following questions and statements 1. Which process needs the key? A. encryption B. decryption C. A&B are correct D. recovering the original information 2. What types of attacks are mentioned in the text? A. Brute force attack B. Ciphertext-only attack C. Known - plaintext attack DD, All above are correct 3. A ccseeeenedS t0 adequately address confidentiality, data integrity, authentication, and non-repudiation in both theory and practice, A. fundamental goal of cryptography B. general object of cryptography C. basic goal of cryptology D, general object of cryptanalysis 4. ...is a service which prevents an entity from denying previous commitments or actions. A. Non-repudiation B. Authentication C. Data integrity D. Confidentiality 5. What was considered an early instance of encipherment? A. Rosetta Stone B, Egyptian hieroglyphics 14C. Seytale D. A code book 6 .. ..is a service which relates to verification and it applies for both entities and information itself. A. Data integrity B. Non-repudiation C. Authentication D. Confidentiality 7. Which of the following attacks that can, in theory, be used to attempt to decrypt any encrypted data? A.A brute-force attack! B. dictionary attack C. A&B are correct D. Man-in the middle attack 8. Which of the followings is the study of analyzing information systems in order to study the hidden aspects of the systems? A. Cryptography B. Cryptology C, Cryptanalysis| D. A&B are correct 1, Speaking 1, What main contents do you get from the text? What do you know about them? 2. Present cryptography and its goals. 5READING AND SPEAKING 2 1. Discuss the questions 1. When was cryptography born’? Who used it first? . What were the earliest forms of cryptography? . Which historical periods do you think cryptography has experienced? . What does the word eryptographer mean? wren . Do you know or have you ever heard of any famous cryptographers? If yes, give some information to support your answer, 2. Read the text and do the tasks below Foundations of Cryptography 1900 B.C. Egyptian scribes used nonstandard hieroglyphs while inscribing clay tablets; this is the first documented use of written cryptography. 1500 B.C. Mesopotamian cryptography surpassed that of the Egyptians. This is demonstrated by a tablet that was discovered to contain an encrypted formula for pottery glazes; the tablet used symbols that have different meanings than when used in other contexts, 500 B.C. Hebrew scribes writing the book of Jeremiah used a reversed alphabet substitution cipher known as ATBASH. Stripofipapymus.wrapped,aroundsarwooden,staff, Messages were written down the length of the staff, and the papyrus was unwrapped. The decryption process involved wrapping the papyrus around a shaft of similar diameter, 50 B.C, Julius Caesar used a simple substitution cipher to secure military and . To form an encrypted text, Caesar shifted the letter government communicatios of the alphabet three places. In addition to this monoalphabetic substitution cipher, Caesar strengthened his encryption by substituting Greek letters for Latin letters: Fourth to sixth centuries The Kama Sutra of Vaisayana listed cryptography as the 44th and 45th of the 64 arts (yogas) that men and women should practice: (44) iting of words in a peculiar The art of understanding writing in cipher, and the way; (45) The art of speaking by changing the forms of the word, 116C7 725 Abu ‘Abd al-Rahman al-Khalil ibn Ahman ibn ‘Amr ibn Tammam al Farahidi al-Zadi al Yahmadi wrote a book (now lost) on cryptography; he also solved a Greek cryptogram by guessing the plaintext introduction. 855 Abu Wahshiyyaan-Nabati, a scholar, published several cipher alphabets that were used to enerypt magic formulas, 1250 Roger Bacon, an English monk, wrote Epistle of Roger Bacon on the Secret Works of Art and of Nature and Also on the Nullity of Magic, in which he described several simple ciphers 1392 The Equatorie of the Planetis, an early text possibly written by Geoffrey Chaucer, contained a passage in a simple substitution cipher. 1412 Subhalasha, a 14-volume Arabic encyclopedia, contained a section on cryptography, including both substitution and transposition ciphers, as well as ciphers with multiple substitutions, a technique that had never been used before. 1466 Leon Battista Alberti, the Father of Wester cryptography, worked with polyalphabetic substitution and also invented a device based on two concentric discs that simplified the use of Caesar ciphers. 1518 Johannes Trithemius wrote the first printed book on cryptography and invented a steganographic cipher, in which each letter was represented as a word taken from a succession of columns. He also described a polyalphabetic encryption method using a rectangular substitution format that is now commonly used. He is credited with introducing the method of changing substitution alphabets with each letter as it is deciphered 1553 Giovan Batista Belaso introduced the idea of the hrase (password) as a key for encryption; this polyalphabetic encryption method is misnamed for another person who later used the technique and is called “The Vigenére Cipher” today. 1563 Giovanni Battista Porta wrote a classification text on encryption methods, categorizing them as transposition, substitution, and symbol substitution, 1623 Sir Francis Bacon described an encryption method employing one of the first uses of steganography; he encrypted his messages by slightly changing the type-face of a random text so that each letter of the cipher was hidden within the text. In deed polyalphabetic ciphers were invented by the three main contribution including Johannes Trithemius (1462-1516), Giovanni Battista Porta (1535-1615), and Blaise de Vigenere (1523-1596) 117C1 C4 1790s Thomas Jefferson created a 26-letter wheel cipher, which he used for official communications while ambassador to France; the concept of the wheel cipher would be reinvented in 1854 and again in 1913, 1854 Charles Babbage reinvented Thomas Jefferson's wheel cipher. He developed the multiple frequency analysis techniques. 1861-1865 During the U.S, Civil War, Union forces used a sul encryption method based on specific words, and the Confederacy used a polyalphabetic cipher whose solution had been published before the start of the Civil War, By the end of the 19" century important steps were made in the development of cryptography, Auguste Kerckhoff was one of the most important men changed cryptography from dark art into a science based on mathematics. 1914-1917 During World War I, the Germans, Britis! of transposition and substitution ciphers in radio communications throughout the stitution ind French used a series war, All sides expended considerable effort to try to intercept and decode communications, and thereby created the science of cryptanalysis. British cryptographers broke the Zimmerman Telegram, in which the Germans offered Mexico U.S. territory in return for Mexico's support. This decryption helped to bring the United States into the war. 1917 William Frederick Friedman, the father of U.S. cryptanalysis, and his wife, Elizabeth, were employed as civilian cryptanalysts by the U.S. government. Friedman later founded a school for cryptanalysis in Riverbank, Illinois 1917 Gilbert $. Vernam, an AT&T employce, invented a polyalphabetic cipher machine that used a nonrepeating random key. He also invented one-time pad encryption for Telex Traffic. {999} Hugo Alexander Koch filed a patent in the Netherlands for a rotor-based cipher machine; in 1927, Koch assigned the patent rights to ARRUESCHGEDRIS NIE) SBVGRLORONINELAGAAAACHAAS) which was a mechanical substitution cipher. 1927-1933 During Prohibition, criminals in the U.S. began using cryptography to protect the privacy of messages used in criminal activities. 1937 Event the Japanese developed the Purple machine, which was based on principles similar to those of Enigma and used mechanical relays from telephone systems to encrypt diplomatic messages. By late 1940, a team headed by William Friedman had broken the code generated by this machine and constructed a machine that could quickly decode Purple’ s ciphers. 118C5.1 C5.2 1939 -1942 The Allies secretly broke the Enigma cipher, undoubtedly shortening World War II. 1942 Navajo code talkers entered World War II; in addition to speaking a language that was unknown outside a relatively small group within the United States, the Navajos developed code words for subjects and ideas that did not exist in their native tongue 1948 Claude Elwood Shannon suggested using frequency and statistical analysis in the solution of substitution ciphers. It was Claude Elwood Shannon who laid foundations for modern cryptography and was the father of Information Theory. 1970 Dr. Horst Feistel led an IBM research team in the development of the Lucifer cipher, One of the first block ciphers -encryption performed on block of data bits was the Lucifer cipher, designed by Fiestel and Coppersmith for IBM, and based on what is known as Fiestel network. It was the predecessor of DES. 1976 A design based upon Lucifer was chosen by the U.S. National Security Agency as the Data Encryption Standard and found worldwide acceptance. 1976 WACO ATETAAEUMARIANAEIGEA introduced the idea of public-key cryptography of which algorithms are based on the computational complexity problem, The Diffie-Hellman algorithms are Based) On the discrete logarithin) Problem) One of the most significant contributions provided by public-key cryptography is the digital signature. 1977 Ronald Rivest, Adi Shamir, and Leonard Adleman developed a practical public-key cipher for both confidentiality and digital signatures; the RSA family of computer encryption algorithms was born. They invented RSA algorithms which are based on the problem of factorization of large prime. Because of their solution to the secret key distribution problem, the Diffie-Hellman algorithms and RSA’aie) among the most widely used crypto algorithms in the world, 1992 The initial RSA algorithm was published in the Communication of ACM. 1991 Phil Zimmermann released the first version of PGP (Pretty Good Privacy); PGP was released as freeware and became the worldwide standard for public cryptosystems. The first international standard for digital signature (ISO/IES 9796) was adopted. 2000 Rijndael’s cipher was selected as the Advanced Encryption Standard. AES is a subset of the Rijndael block cipher developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, who submitted a proposal to NIST during the AES selection process. 1192.1. Al i; C3:Enigma 3. nswer the questions When was cryptography changed from dark art into a science based on mathematics? Who changed it? Who was the father of Information Theory? What device was developed and used in the early- to mid-20th century to protect commercial, diplomatic and military communication? 4. Who invented Enigma machine and when was it invented? Who introduced the idea of public-key cryptography? What are its algorithms based on? the computational complexity problem. . What device was developed by the Spartans of Greece? When was it developed? What did Leon Battista Alberti invent? Which algorithms are the most widely used in the world among crypto algorithms? 2.2. Decide whether the following statements are true (T), false (F) or no information (NI) Giovan Batista Belaso invented a device based on two concentric discs that implified the use of Caesar ciphers, A.True B, False C.NI » The idea of public-key cryptography belongs to Ronald Rivest, Adi Shamir, and Leonard Adleman. A. True B, False C.NI Charles Babbage developed the multiple frequency analysis techniques. A. True B, False C.NI Leon Battista Alberti was an Italian Renaissance humanist author, artist, architect, poet, priest, linguist, philosopher and eryptographer. A. True B, False CNT Vincent Rijmen and Joan Daemen, who submitted a proposal to NIST during the AES selection process are Belgian. ATrue B, False C.NI 1202.3. Choose the best answer for the following questions 1, Who invented one-time pad encryption for Telex Traffic? A. Hugo Alexander Koch B. Gilbert S.Vernam_ C. Dr. Horst Feistel D, Charles Babbage 2. What cipher did Julius Caesar use to secure military and government communications? A, Monoalphabetic substitution cipher B.A simple substitution cipher C. A&B are incorrect D. Transposition cipher 3. What is one of the most significant contributions provided by public-key cryptography? A. The one-time pad B. The key distribution C. The frequency analysis D. The digital signature 4, When was the Enigma cipher broken? Who broke it? A, In World War II/The Japanese B. In1939 -1942/The Allies | C. In World War I/The Americans D. In the 1942/The British 5. Which of the followings is one of the first block ciphers? A. Caesar cipher B, Wheel cipher C. Lucifer cipher D. Vigenére cipher 6, Who broke Japan’s Purple’s ciphers? A. William Friedman B, Gilbert S, Vernam C. Horst Feistel D. Phil Zimmermann 7. What types of cipher were used in radio communications during World War 1? A, Transposition ciphers B, Substitution ciphers C. Enigma cipher D. A&B are correct 8. Why did the United States decide to take part in World War I? A, Because the Zimmerman Telegram was broken. C, Because the Purple machine was used. 121C1.2 C1.3 C14 READING AND SPEAKING 3 1. Discuss the questions 1, What does the word terminology mean? . What is terminology? . What is term of cryptography? . Which Vietnamese terms of cryptography do you know? wp eH . Which English terms of cryptography do you know? What do they mean in Vietnamese? Some basic terminology and concepts Encryption domains and codomains + A denotes a finite set called the alphaber of definition. For example, A = {0, 1}, the binary alphabet, is a frequently used alphabet of definition. Note that any alphabet can be encoded in terms of the binary alphabet. For example, since there are 32 binary strings of length five; each letter of the English alphabet can be assigned a unique binary string of length five. Menai a Secale We esage AEE IM consists of rings of symbols from an alphabet of definition. An element of M is called a plaintext message or simply a plaintext. For example, M may consist of binary strings, English text, computer code, ete + Cdeiotes a Set called the ciphertext space! C consists of strings of symbols from an alphabet of definition, which may differ from the alphabet of definition for M. An clement of C is called a ciphertext. Encryption and decryption transformations « K denotes a setcalledithe:keyspaéé. An element of K is called a key. * Each element ¢ ¢X uniquely determines a bijection from M to C, denoted by E. is called an encryption function or an encryption transformation. Note that E. must be a bijection if the process is to be reversed and a unique plaintext message recovered for each distinct ciphertext. * Foreach d « K, D, denotes a bijection from C to M (i.e, Dy: C—> M). Duis 123© The process of applying the transformation E, to a message m. M is usually referred to as encrypting m or the encryption of m. + The process of applying the transformation D, to a ciphertext c is usually referred to as deerypting e or the deeryption of ce. + Awencryption scheme consists of a set {E.7e € Kj of encryption Sibiicwucenadcqupeiapesiensdedhanatl K}. of decryption transformations with the property that for each eK there is a unique key d « K such that Dy = Ey"; that is, Dy (E. (m)) =m forall m ¢ M. An encryption scheme is sometimes referred to as a cipher. + The sometimes denoted by (e, d). Note that ¢ and d could be the same. Senders Public Key € Figure 5-2. Example of Encryption Scheme Achieving confidentiality An encryption scheme may be used as follows for the purpose of achieving confidentiality. Two parties Alice and Bob first secretly choose or secretly exchange a key pair (e, d). At a subsequent point in time, if Alice wishes to send a message m < M to Bob, she computes ¢ = £, (m) and transmits this to Bob. Upon receiving c, Bob computes D, (c) = m and hence recovers the original message m. 124C6 124 The question arises as to why keys are necessary. (Why not just choose one encryption function and its corresponding decryption function’ Having transformations, which are very similar but characterized by keys means that if some particular encryption/decryption transformation is revealed then one does not have to redesign the entire scheme but simply change the key. It is sound cryptographic practice to change the key (encryption/decryption transformation) frequently. As a physical analogue, consider an ordinary resettable combination lock. The structure of the lock is available to anyone who wishes to purchase one but the combination is chosen and set by the owner. If the owner suspects that the combination has been revealed he can easily reset it without replacing the physical ‘mechanism. Example (encryption scheme) Let M = {m., m, m} and C= {e, ¢, e} and, There are precisely 3! = 6 bijections from Af to C. The key space K = {I, 2, 3, 4, 5, 6} has six elements in it, cach specifying one of the transformations. Figure 1 illustrates the six encryption functions which are denoted by E, 1S i<6. Alice and Bob agree on a transformation, say £. To encrypt the message my, Alice computes E, (m)) = ¢, and sends c, to Bob. Bob decrypts ¢, by reversing the arrows on the diagram for E\ and observing that c. points to m. By Ba Es m oc mo—ro a m, o—o ar m oc m2 Sat co ma 0O—mo e ms ‘Os ms O8 ms o—woes Bs Es Eo m es m Sx a m a m. O02 m2 ‘Oc ma oe ms cs m3 0—0 ¢3 ms Figure 5-3. Schematic of a simple encryption scheme When is a small set, the functional diagram is a simple visual means to describe the mapping. In cryptography, the set is typically of astronomical proportions and, as such, the visual description is infeasible. What is required, in these cases, is some 125other simple means to describe the encryption and decryption transformations, such as mathematical algorithms, Figure 5.4 provides a simple model of a two- party communication using encryption. ‘encryption ell! E,(m) =e ‘UNSECURED CHANEL, ‘ plaintext source Alice Bob Figure 5-4. Schematic of a two-party communication using encryption 2.1. Answer the questions 1, What do the letter 4, M, C, K denote? 2. Which letters denote a key pair? 3. What is Dy called? 4, What does an encryption scheme consist of? 5. What does one have to do to construct an encryption scheme? 6. What does the owner of the key do if he suspects that the combination has been revealed? 7. How is an encryption scheme used to achieve confidentiality? 2.2. Decide whether the following statements are true (T), false (F) or no information (NI). Correct the false (F) 1. A letter of the English alphabet can be assigned unique binary strings of length five. A. True B. False c.NI 2. The structure of the lock is available to anyone who wishes to purchase one 126but the combination is chosen and set by the owner. A. True B. False C.NI 3. M consists of strings of symbols from the binary alphabet. A. True B. False c.NI 4. There are 23 binary strings of length nine A. True B. False c.NI 5. A decryption scheme consists of a set {E.: eK} of decryption transformations. A. True B. False. C.NI 2.3. Choose the best answer to complete the following statements 1. An element of M is called ...............6606sc008 A. a ciphertext space B, a ciphertext C. a decryption scheme D, a plaintext message or simply a plaintext 2. An element of K is called .... A. an alphabet of definition B. akey C. aciphertext D. a plaintext 3. An clement of C is called ..........:.00cee cece A. a ciphertext space B. a decryption scheme C. aciphertext D. akey pair 4, Orne has to v.iisssvsscrseoees if some particular encryption or decryption transformation is revealed. A. change the key B. redesign the entire scheme C. change the key D. reset the key 5. The structure of the lock ................... but the combination is chosen and set by the owner. A. is available to anyone who wants to purchase one 127B. is unavailable to anyone who wishes to purchase one C. A & B are correct D. All above 6. The diagram in Figure 5-3. Schematic of a simple encryption scheme is good for describing an encryption scheme A. when the set is typically of astronomical proportions B, When the set is small C. When is a small set D. B & C are correct 3. Speaking 1. Give definitions to the basic terminologies of cryptography according to the text. 2. Present the following contents: - Encryption scheme - How to achieve confidentiality 3. Describe Figure 5-4 128READING AND SPEAKING 4 1, Discuss the questions 1, How many parties do you think normally participate in a two-way communication? Who are they? 2. What enables them to convey information to each other? 3. Do you think that the information transmitted via a communication channel is always secure? Why and why not? 4. According to you, who can steal that information and are there any means. to prevent this problem? Communication participants Adversary encryption a Em) =e UNSECURED CHANNEL tn pense destination source Alice Bob Figure 5-5, Schematic of a two-party communication using encryption Referring to Figure 2 the following terminology is defined as follow: * An entity or a party is someone or something which sends, receives, or manipulates information. Alice and Bob are entities in Example (sce figure 5-5), An entity may be a person, a computer terminal, ete. {fAASihitter of information. dn Figure 5-5, the sender is Alice. C1 + A receiver is an entity in a two-party communication which is the intended, f€Gipientof,information. In Figure 5-5, the receiver is Bob. 129+ An adversary is an entity in a two-party communication which is neither the | C1 Seiider nor receiver, and which tries to defeat the information security service being, itovided-betweensthessendenandsreeeiver, Various other names are synonymous with adversary such as enemy, attacker, opponent, tapper, eavesdropper, intruder, interloper, and interceptor. An adversary will often attempt to play the role of cither the legitimate sender or the legitimate receiver. Channels Adversary i. Alice Bob Figure $-6: Two-party communication using encryption, with a secure channel for key exchange, The decryption key can be efficiently computed from the encryption key Referring to Figure 5-6 the following terminology is defined as follow: + A channel is a means of conveying information from one entity to another. + A physically secure channel or secure channel is one which is not physically accessible to the adversary. * An unsecured channel is one from which the information is intended can beSecurity +A fundamental premise in cryptography is that the sets M,C, K (Ee: ¢ Kj, [Du sd © K} are public knowledge. When two parties wish to communicate securely using an encryption scheme, (HG°GRIy"iinig "ia Uiey "keep secre inne) particular key pair (¢, d) which they are using, and which they must select One can gain additional security by keeping the class of encryption and decryption transformations secret but one should not base the security of the entire scheme on this approach. History has shown that maintaining the secrecy of the transformations is very difficult indeed. + An encryption scheme is said to be breakable if a third party, without prior knowledge of the key pair (¢, d), can systematically recover plaintext from corresponding ciphertext within some appropriate time frame. An appropriate time frame will be a function of the useful lifespan of the data being protected. For example, an instruction to buy a certain stock may only need to be kept secret for a few minutes whereas state secrets may need to remain confidential indefinitely. “(jie one the communicating parties aresusing(assuming=thatethenclasse6f] Eheryption.functions is.public. knowledge). This is called an exhaustive search of the key space. It follows then that the number of keys (i.e. the size of the key space) should be large enough to make this approach computationally infeasible. It is the objective of a designer of an encryption scheme that this be the best approach to break the system, Information security in general + Information security service is a method to provide some specific aspects of security. For example, integrity of transmitted data is a security objective, and a method to ensure this aspect is an information security service. + Breaking an information security service (which often involves more than simply encryption) implies defeating the objective of the intended service. + A passive adversary is an adversary who is capable only of reading information from an unsecured channel, + An active adversary is an adversary who may also transmit, alter, or delete information on an unsecured channel, 2.1. Answer the questions 1. What is the difference among a sender, a receiver, and an adversary? 1312, What are unsecured channel and secured channel? What is the only thing that the two parties keep secret when using an encryption scheme? Can an encryption scheme be broken? When and how? What does the word This in the last paragraph refer to? What is the objective of a designer of an encryption scheme? What is information security service? Give some examples, er awe Whaat is the difference between an active adversary and a pi adversary? 2.2. Decide whether the following statements are true (T), false (F) or no information (NI). Correct the false (F).) 1, The term adversary has five other names including enemy, attacker, opponent, tapper, and cavesdropper. A. True B. False, C.NI 2. An appropriate time frame will never be a function of the useful lifespan of the data being protected. A. True B, False C.NI 3. Maintaining the secrecy of the transformations is very difficult indeed. A. True B. False C.NI 4, There are many different terms replacing the word an adversary which tries to play the role of either the legal receiver or the legal sender, A. True B, False NI 5. An unsecured channel is one from which an adversary does not have the ability to reorder, delete, insert, or read. A. True B. False CN 2.3, Choose the best answer to complete the following questions and statements 1, Which channel sible to the adversary? 132B. An unsecured channel C. A seeured channel D, A, secure channel 2. Which role does an adversary attempt to play in a two-way communication? A. the illegitimate sender or the illegitimate receiver B. The role of the sender only C. the legitimate sender or the legitimate receiver D, The role of the receiver only 3. What is a fundamental premise in cryptography? A. the set 4, CK /Ee:e Kj, {D,:d K} B. the sets M, CK {E,:e Kj, (Deid K} C. Either A or B D. Both A and B is an entity in a two-party communication which is the legitimate transmitter of information. A, sender B, receiver C. adversary D, channel .. is an entity in a two-party communication which is the intended recipient of information. A, channel B, adversary C. sender Di receiver ... an information security service implies defeating the objective of the intended service. A. Transmitting B. Defeating ©: Breaking | D. Conveying 7. AJAN ... sis an adversary who is capable only of reading information from an unsecured channel. A. passive adversary B. active adversary C. entity D. party 1338. A/An ......is a means of conveying information from one entity to another. A. adversary B, information security service €. exhaustive search D. channel 9, Am ..ssccesssnis an adversary who may also transmit, alter, or delete information on an unsecured channel. A, passive adversary B. entity . active adversary D. pany 1O.....ccssesssssesseesi8 a method to provide some specific aspects of security. A. Channel B. Information security service C. exhaustive search D, Secure channel 3, Speaking 1, Give definition to the terms in Figure 5-5 and Figure 5-6. 2. Present communication participants and channels. 2. Describe Figure 5-5 and Figure 5-6 4. Listening 1. hitps://\www.binance. vision/security/history-of-crypto graphy 2. https://www.youtube.com/watch?v=QqT WylS8Rvw WRITING AND SPEAKING 1. Write about 350 -400 words about one of the following topics in your own words, - Cryptography - Goals of cryptography - A brief history of cryptography 2. Present the following contents: - Cryptography - Goals of cryptography - A brief history of cryptography 134